Lucene search
K

110 matches found

CVE
CVE
added 4 days ago10 views

CVE-2026-55792

Craft CMS is vulnerable in versions 4.0.0-RC1 through 4.17.x and 5.0.0-RC1 through 5.9.x due to dataUrl() being in the Twig sandbox allowlist. A control panel user with the utility:system-messages permission can embed a file-reading payload in system emails, causing the server to read targeted fi...

6CVSS5.8AI score0.00268EPSS
Exploits0References2
Cvelist
Cvelist
added 4 days ago32 views

CVE-2026-55792 Craft CMS: Sensitive File Disclosure / Server-Side File Read

Craft CMS is a content management system CMS. In versions starting from 4.0.0-RC1 and prior to 4.18.0, and 5.0.0-RC1 and above, prior to 5.10.0, the dataUrl Twig function is included in Craft’s Twig sandbox allowlist, allowing any control panel user granted the utility:system-messages permission ...

6CVSS0.00268EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 1:37 p.m.4 views

CVE-2026-12537

Improper Neutralization used in an OS Command in the container launcher in Google Gemini CLI versions prior to 0.39.1 and run-gemini-cli GitHub Action versions prior to 0.1.22 on headless CI platforms allows an unprivileged attacker to achieve pre-sandbox host-level code execution a maliciously...

10CVSS6.3AI score0.00134EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 1:37 p.m.7 views

EUVD-2026-38790

Improper Neutralization used in an OS Command in the container launcher in Google Gemini CLI versions prior to 0.39.1 and run-gemini-cli GitHub Action versions prior to 0.1.22 on headless CI platforms allows an unprivileged attacker to achieve pre-sandbox host-level code execution a maliciously...

10CVSS6.3AI score0.00134EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/23 5:16 p.m.33 views

CVE-2026-49983 Deno: process.loadEnvFile() bypasses env permission checks and mutates process.env with only read access

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, environment access is gated by the env permission. You can deny it with --deny-env, or restrict it to a specific allowlist with --allow-env=FOO,BAR. The expectation is that a program running without env permission cannot...

5.2CVSS0.00098EPSS
Exploits0References1
CVE
CVE
added 2026/06/23 5:16 p.m.11 views

CVE-2026-49983

Summary of CVE-2026-49983 details (Deno): Deno’s process.loadEnvFile() incorrectly bypasses env permission checks. It only verifies read permission on the dotenv file and then writes all keys from the file into process.env, even if env access is denied. This means that with --allow-read and a wri...

5.2CVSS5.9AI score0.00098EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/22 4:10 p.m.4 views

CVE-2026-53571

Vite is a frontend tooling framework for JavaScript. Prior to 8.0.16, 7.3.5, and 6.4.3, the contents of files that are specified by server.fs.deny can be returned to the browser on Windows. Vite’s dev server denies direct access to sensitive files through server.fs.deny, including entries such as...

8.2CVSS5.9AI score0.00393EPSS
Exploits1References2Affected Software1
Snyk
Snyk
added 2026/06/18 1:4 p.m.9 views

Untrusted Search Path

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Untrusted Search Path via the CLOUDSDKPYTHON environment variable in the .env file during the Gmail setup process. An attacker can cause unintended Python runtime execution by manipulatin...

7.1CVSS6AI score0.00133EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/16 7:4 p.m.8 views

Deno: process.loadEnvFile() bypasses env permission checks and mutates process.env with only read access

Summary In Deno, environment access is gated by the env permission. You can deny it with --deny-env, or restrict it to a specific allowlist with --allow-env=FOO,BAR. The expectation is that a program running without env permission cannot change process.env. process.loadEnvFile the Node-compatible...

5.2CVSS5.4AI score0.00098EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/01 10:3 p.m.12 views

CVE-2026-47125

Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.2, the PUT /api/environments/id/templates/variables endpoint, which writes the system-wide .env.global file used for variable substitution in every project's compose file, is missing an admin...

8.8CVSS5.8AI score0.00245EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/29 5:7 p.m.12 views

EUVD-2026-33370

Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.2, the PUT /api/environments/id/templates/variables endpoint, which writes the system-wide .env.global file used for variable substitution in every project's compose file, is missing an admin...

8.8CVSS5.8AI score0.00245EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.16 views

PT-2026-45033

Impact A Remote Code Execution RCE vulnerability was discovered in Ouroboros. If a user clones a malicious repository and runs Ouroboros commands within that directory, it can lead to arbitrary code execution and potential system takeover. The vulnerability CWE-426: Untrusted Search Path & CWE-15...

8.6CVSS6.4AI score0.00557EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/28 8:41 p.m.11 views

CVE-2026-45344

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, the setup database configuration flow on uninitialized LinkAce instances accepts attacker-controlled database credential fields and writes them back into .env without escaping. A remote attacker who can reach the setup...

6AI score0.00456EPSS
Exploits0References2Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/22 5:16 a.m.17 views

Malicious code in wrld-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58965a325ad88c872b7c01668e4c08ca337b5fa022c15e626e23697d23fb594c The package exposes a public authentication API auth.user.login, auth.user.register, auth.user.get, auth.user.delete, plus an auth.system RPC surface...

5.9AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/09 3:30 a.m.8 views

CVE-2026-42461

Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to version 1.18.0, four GET endpoints under /api/templates in Arcane's Huma backend are registered without any Security requirement, allowing any unauthenticated network client to list and read the full...

8.7CVSS5.7AI score0.00309EPSS
Exploits0References3Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/07 12:0 a.m.15 views

Malicious code in camelotlabs-core (npm)

Five packages camelotlabs-sdk, camelotlabs-core, camelotlabs-config, camelotlabs-worker, and camelotlabs-utils were published to the public npm registry at version 99.0.0 by the actor madman0619 as a dependency confusion attack targeting the internal npm packages of Camelot Labs. The inflated...

5.9AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/05 11:25 a.m.4 views

CVE-2026-43531

OpenClaw before 2026.4.9 contains an environment variable injection vulnerability allowing malicious workspace .env files to set runtime-control variables. Attackers can inject variables affecting update sources, gateway URLs, ClawHub resolution, and browser executable paths to compromise...

7.3CVSS5.8AI score0.00203EPSS
Exploits0References4
CVE
CVE
added 2026/05/05 11:25 a.m.14 views

CVE-2026-43531

OpenClaw is vulnerable prior to version 2026.4.9 due to an environment variable injection flaw that allows malicious workspace .env files to set runtime-control variables. This can alter update sources, gateway URLs, ClawHub resolution, and browser executable paths, potentially changing applicati...

8.8CVSS5.8AI score0.00203EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/23 9:57 p.m.7 views

CVE-2026-41336

OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAWBUNDLEDHOOKSDIR environment variable, enabling loading of attacker-controlled hook code. Attackers can replace trusted default-on bundled hooks from untrusted workspaces to execute arbitrary code...

8.5CVSS6.1AI score0.00133EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/04/21 12:18 p.m.7 views

SUSE CVE-2026-28684

python-dotenv reads key-value pairs from a .env file and can set them as environment variables. Prior to version 1.2.2, setkey and unsetkey in python-dotenv follow symbolic links when rewriting .env files, allowing a local attacker to overwrite arbitrary files via a crafted symlink when a...

6.6CVSS5.9AI score0.00236EPSS
Exploits1References5
Rows per page
Query Builder